[RANT] On Malevich's black square and booting up operating systems and Computational existentialism

People often look at Malevich's black square as though it were almost an insult to abstract art: presenting something so simplistic cannot be art. At the same time it speaks almost too directly to the core of what art is as a singular expression, stripped of all its symbols, completely drained dry of its mercy for our simple symbol-driven brains - a direct attack of truth. We also tend to look at simple dichotomies of 1 and 0 or True and False as nothing more than hosts for non-sentient, non-dynamic, non-functional exchanges of voltages - while of course we ourselves, the (apparently) sentient ones, employ a dichotomy directly here in order to start describing our need to escape it. We talk about simple binary systems as though they are not capable - but we do not talk about how inescapable the Binary is, in requiring a binary form of argument in order to escape our reliance on it... or not :)

The little I know about computer science tells me this about how a computer boots…

Reversing a bare bones Raspberry Pi Kernel : Branching To the Kernel

I lost the first version of this post because of a problem in Blogger's auto-save function.

Anyway, if you want to get your own Raspberry Pi OS kernel going, I share some cool posts on that here and expand on them by unpacking some of the assembler code, essentially reverse engineering it or "unrolling" the OS.

Setting up your Development Environment
I think the explanation in 'Roll your own Raspberry Pi OS' at https://jsandler18.github.io/ pretty much sorts this out. I can at least do the favor of confirming that this person's advice definitely does the job, so check it out. The post also discusses the background of why we need certain files in the project, for instance the linker scripts and kernel.c files. As a short summary, here's the basic workflow:

1 - Write a linker script. This is to make sure the compiler can recombine the boot.S and kernel.c parts.
2 - Write a boot.S. This file is to initialize the run time for your kernel and branch into i…

[Reverse Engineering Primer] Unpacking cramfs firmware file systems

Reverse engineering firmware from the point of view of an attacker involves leveraging as much as possible of what is accessible from the physical board. Of course the classic question this strives to answer is: if someone gets hold of my board, what could go wrong? Reverse engineering some devices in the wild often exposes security keys, default passwords and other security failures that can allow an unfair escalation of privilege, or perhaps a complete takeover of the device right down to the boot loader level - all of this sometimes learned purely by analyzing the firmware.

I'm going to talk about some of the more basic skills needed to expose the code and other sensitive artifacts used by the device. Before you can find remote code execution and admin auth bypass vulns, you need to get to grips with firmware image formats and embedded file systems.

Setting up the environment
Before getting super in depth and writing our own file format parsers, machine …

Windows Exploit Development : Exploiting Structured Exception Handling and ROP Chaining

Hi folks, this post is a continuation of a series I'm doing covering the fundamentals of Windows exploit development. In this post I'm going to inch a little closer to arbitrary code execution by showing you how to chain ROP gadgets and one or two stack pivoting tricks.

So here's how this post is going to go:
1 - We're gonna look at how Structured Exception Handling works
2 - We're gonna break it and show how it breaks
3 - Then we're going to make it execute whatever code we want
4 - Figure out how to fix our stack pointer
5 - Chain some ROP gadgets

What you need
Windows Virtual Machine
Debugging Tools for Windows
Easy MPEG to DVD Burner (copy available on exploit-db)
ImmunityDBG
(optional) python script memcoder.py https://gist.github.com/k3170makan/7f55d25869f3f812f8c3706089c0a74c

Reverse Engineering Structured Exception Handling
Structured Exception Handling is a mechanism offered to functions that allows them to customize their responses to hardware and software exceptions. Hardwar…